package com.xb.loan.admin.web.filter;

import com.xb.loan.admin.Constants;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;


/**
 * 项目名称 : oss-center
 * 创建日期 : 2015年11月27日
 * 类  描  述 : Form表单验证过滤器
 */
public class MyFormAuthenticationFilter extends FormAuthenticationFilter {

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
    	HttpServletRequest req = (HttpServletRequest)request;
    	//获取登录信息
    	HttpSession session = req.getSession();
        String userType = req.getParameter("userType");
        session.setAttribute("paramUserType", userType);
        
        String username = getUsername(req); 
        String password = getPassword(req); 
        String isLogin = req.getParameter("isLogin");
        String keyType = req.getParameter("keyType");
        String keyValue = req.getParameter("keyValue");        
        if(username != null && username.length() > 0){            
            session.setAttribute("paramUserName", username);
            session.setAttribute("userpassword", password);
            session.setAttribute("isLogin", isLogin);
            session.setAttribute(Constants.SESSION_KEY_TYPE, keyType);
            session.setAttribute(Constants.SESSION_KEY_VALUE, keyValue);            
        }
        
        if(request.getAttribute(getFailureKeyAttribute()) != null) {
            return true;
        }
        return super.onAccessDenied(request, response, mappedValue);
    }
}
